An efficient identitybased QER cryptographic scheme
Abstract
Recently, an identitybased quadratic exponentiation randomized cryptosystem scheme using the discrete logarithm problem and the integer factorization problem has been developed. Their contribution lies in that they initiated an idea to create the identitybased cryptographic scheme without bilinear pair. This scheme can achieve the security goal of protecting data and prevent the adversary from snooping the encrypted data, and finding the secrete keys. In this paper, we have proposed some modification in setup phase using floor function and superincreasing sequence, and modified the encryption and decryption process in the identitybased quadratic exponentiation randomized cryptographic scheme. We also discuss how to enhance the security of proposed scheme and processing cost of the proposed scheme.
Keywords
Cryptography Identitybased quadratic exponentiation randomized cryptosystem Discrete logarithm problem Integer factorization problem Quadratic exponentiation randomizedIntroduction
Rapid advances in computer technology and the development of the Internet are changing the way of daily life. We also organize our daily and business lives according to Internet facility. Secrecy is an important issue with respect to sensitive data transferred over insecure public channels. In an open network environment, secret session key needs to be shared between two users before it establishes a secret communication [7, 16, 17, 18]. As the number of users in the network is increasing, key distribution will become a serious problem. The public key cryptosystem can effectively solve the session key distribution problem in an open network environment, but each user should authenticate the public key of the partner before using it. The public key infrastructure (PKI) is proposed to implement the authentication of the public key, but it leads to large management overheads.
In 1984, the concept of the identitybased cryptographic scheme was introduced by Shamir [1]. According to his idea, the public key of each user is just extracted from his public identity information, such as email address, identity number, etc. [1]. Using each user’s public identity as his public key can escape the problem of authentication of the public key, and it enables users to establish the session key in the noninteractive form. However, Shamir only succeeded in constructing an Identitybased signature scheme. When Boneh et al. [17] constructed identitybased encryption using the property of Weil pairing, designed the Identitybased cryptographic scheme, and then only, it was practically implemented. However, the bilinear pair operations make the cryptographic scheme unsuitable to lowperformance devices [20]. Tsujii and Itoh [21] also proposed an identitybased cryptographic scheme using the DLP with single discrete exponent which uses the ElGamal [22] public key cryptographic scheme. Recently, Meshram [8] used the variant of IFP and DLP to construct their identitybased encryption scheme and proposed many identitybased cryptographic techniques [9, 10, 11, 12] which have been proposed. However, in these techniques, the public key of each entity is not only an identity, it is some random number selected either by the entity or by the trusted authority.
As above outline, the new identitybased cryptographic schemes always face security challenges and confidentiality worries. The main contribution of our new efficient identitybased QER cryptographic scheme is the key generation phase. In this study, we design an efficient identitybased QER cryptographic scheme using the property of DLP with distinct discrete exponent and IFP. We have also discussed enhancement of security and processing cost of efficient identitybased QER cryptographic scheme.
The rest of this paper is organized as follows: review of Meshram and Obaidat’s identitybased QER cryptographic scheme is discussed in Sect. 2. An efficient identitybased QER cryptographic scheme is proposed in Sect. 3. The security analysis and security proof of our new scheme are presented in Sect. 4. Performance comparison of proposed identitybased cryptographic schemes and other six schemes are described in Sect. 5. Enhancement of security and processing cost of identitybased QER cryptographic scheme are explained in Sect. 6. Finally, in Sect. 7, we conclude the paper.
Review of Meshram and Obaidat’s identitybased QER cryptographic scheme
To describe it briefly, Meshram and Obaidat’s [13] identitybased QER cryptographic scheme can be summarized as four related subalgorithms, such as Setup, Extraction, Encryption, and Decryption. The Setup algorithm is run by Private Key Generator (PKG) to generate its public and private keys. On receiving the registered application of a user, PKG will run the Extraction algorithm to generate the private key of this user if the user is identified to be legal. If some user wants to securely send a message to another user, he/she can run the Encryption algorithm to encrypt the message with the identity of the latter. On receiving the ciphertext, the receiver can run the Decryption algorithm to decrypt the ciphertext with his private key. Most of the existing identitybased cryptosystems are described in this form [7], so it is easy for readers to understand our QER description of Meshram and Obaidat’s identitybased cryptographic scheme, which is shown as follows:
Setup
 1.
Selected p and q random prime numbers s.t. \(N=pq\). Let \(n= N \) be the bit number and compute Eulerphi function \(\varphi ( N )=( {p1} )( {q1} )\).
 2.
Select two arbitrary random integers e and d, \(1\le e,d\le \varphi ( N )\) satisfying the conditions gcd\(( {e,\varphi ( N )} )=1\), and \(ed\equiv 1( {\hbox {mod}\,\varphi ( N )} )\).
 3.
Generate ndimensional vector \({\vec {b}}=(b_1,b_2,\ldots ,b_n)\) defined over multiplicative cyclic group \(Z_{\varphi ( N )}^*\), under the condition \(1\le b_i \le \varphi ( N), ( {1\le i\le n} )\) and \(b_i \ne b_j ( {\text {mod}\,\varphi ( N )} ),( {i\ne j} ).\)
 4.
Compute ndimensional vector \({\vec {h}}=(h_1,h_2,h_3,\ldots ,h_n)\), where \(h_i =\alpha ^{b_i }\hbox {mod}\,N( {1\le i\le n} ).\)
Extraction
 1.Compute the entity i \(^\prime \)s extended ID, \({R}_i\) as follows:$$\begin{aligned} {R}_i= & {} ( {\hbox {ID}_i } )^{e}( {\hbox {mod}\,N} )\\= & {} (y_{i1}, y_{i2} ,y_{i3} ,\ldots ,y_{it} ),y_{ij} \in \{ {0,1} \},\left( {1\le j\le t}. \right) \end{aligned}$$
 2.Entity \(i^{\prime }s\) secrete keys \(s_i \) is computed by inner product of \({\vec {b}}\) and \({R}_i \) as follows:$$\begin{aligned} s_i =\vec {b}{R}_{i}(\hbox {mod} \,\varphi (N)) = \sum \limits _{1\le j\le n} b_j y_{ij} \,\hbox {mod} ( {\varphi ( N )} ). \end{aligned}$$
Encryption
 1.Compute the entity 1’s extended ID, \({R}_1 \) by the following form:$$\begin{aligned} {R}_1= & {} ( {\hbox {ID}_1 } )^{e}( {\hbox {mod}\,N} )\\= & {} (y_{11} ,y_{12} ,y_{13} ,\ldots ,y_{1t} ),\\&y_{1j} \in \{ {0,1} \},( {1\le j\le t} ). \end{aligned}$$
 2.Compute$$\begin{aligned} Y_1= & {} \mathop \prod \limits _{1\le i\le n} h_i ^{y_{1i} }( {\hbox {mod}\, N} )\\= & {} \mathop \prod \limits _{1\le i\le n} ( {\alpha ^{b_i }} )^{y_{1i} }( {\hbox {mod} \,N} )\\= & {} \alpha ^{\mathop \sum \nolimits _{1\le i\le n} b_i y_{1i} \hbox {mod}( {\varphi ( N )} )}( {\hbox {mod} \,N} )\\= & {} \alpha ^{s_1 }( {\hbox {mod} \,N} ). \end{aligned}$$
 3.
Compute \(C_1 =( {\alpha ^{k}} )^{e}( {\hbox {mod} \,N} )\).
 4.
Compute \(C_2 =(M(\alpha ^{s_1 })^{k})^{e}( {\hbox {mod} \,N} )\).
Decryption
 1.
Compute \(C_1^{\varphi ( N )s_1 } ( {\hbox {mod} \,N} )=C_1^{s_1 } ( {\hbox {mod}\,N} ).\)
 2.It uses secrete key \(s_1 \) to recover M as follows:$$\begin{aligned} ( {C_1^{s_1 } *C_2 } )^{d}( {\hbox {mod}\,N} )= & {} ( {\alpha ^{s_1 ke}M^{e}\alpha ^{s_1 ke}} )^{d}( {\hbox {mod}\,N} )\\= & {} M^{ed}( {\hbox {mod}\,N} )\\= & {} M( {\hbox {mod}\,N} ). \end{aligned}$$
Propose an efficient identitybased QER cryptographic scheme
The efficient identitybased QER cryptographic scheme is more secure than the previous scheme presented by Meshram and Obaidat’s [13] in terms of security. We used floor function and superincreasing sequence to develop the master key pair in this scheme. It is very difficult for attacker or adversary to find the private key and break the communication between different parties in low time period as compared with the scheme described in [13]. It is also very difficult to maintain the communication cost for breaking the system in view of our proposed scheme.
New efficient identitybased QER cryptographic scheme is described in four subalgorithms, such as Setup, Extraction, Encryption, and Decryption, which are shown as follows.
Setup
 1.
Select a natural number satisfying the conditions \(\gcd ( {\beta ,\varphi ( N )}) =1\) and \(\beta < \lfloor \varphi ( N )/n\rfloor \), where \(\lfloor x\rfloor \) denote the floor function which implies the largest integer smaller than x.
 2.
Choose superincreasing sequence corresponding to b as \({\vec {b}}^{\prime }_{i}(1\le i\le n)\) when satisfies \(\mathop \sum \nolimits _{j=1}^{i1}{\vec {{b}}^{\prime }}_j + \delta < \varphi (N) \) where \(\delta < \lfloor \varphi ( N)/\beta \rfloor \), and \(\mathop \sum \nolimits _{j=1}^n {\vec {b}^{\prime }}_j < \varphi (N)\).
 3.
Compute \(b_i ={b}^{\prime } \beta (\hbox {mod} \,\varphi (N))\) and \(c_i =b_i ( {\hbox {mod} \,\beta }),( {1\le i\le n} )\)
 4.
Compute ndimensional vectors \(v=( {v_1 ,v_2 ,\ldots ,v_n } ),\) where \(v_l =d_l b_l ( {\hbox {mod}\,\varphi ( N )} ),( {1\le l\le n} ).\)
Extraction
 1.Compute as the extended of entity i’s, by the following:$$\begin{aligned} R_i= & {} ( {\hbox {ID}_i })^{e}( {\hbox {mod}\,N} )=( {y_{i1} ,y_{i2} ,\ldots ,y_{it} } ),\\&y_{ij} \in \{ {0,1} \},( {1\le j\le t} ) . \end{aligned}$$
 2.Entity \(i^{\prime }s\) secrete keys \(s_i\) is computed by inner product of \({\vec {v}}_l\) and \(R_i\) as follows:$$\begin{aligned} s_i ={\vec {v}}_l R_i(\hbox {mod} \,\varphi (N))=\sum \limits _{1\le j\le n} {\vec {v}}_l y_{ij} \hbox {mod} \,(\varphi (N)) \end{aligned}$$
Encryption
 1.Compute the entity i’s extended \(\hbox {ID}\),\(R_1 \)by the following:$$\begin{aligned} R_1 =( {y_{11} ,y_{12} ,\ldots ,y_{1t} } ),y_{1j} \in \{ {0,1} \},( {1\le j\le t} ). \end{aligned}$$
 2.Compute$$\begin{aligned} Y_1= & {} \mathop \prod \limits _{1\le i\le n} (h_i ^{y_{1i} })^{d_i }( {\hbox {mod}\,N} )\\= & {} \mathop \prod \limits _{1\le i\le n} (( {\alpha ^{b_i }} )^{y_{1i} })^{d_i }( {\hbox {mod}\,N} )\\= & {} \alpha ^{\mathop \sum \nolimits _{1\le i\le n} \vec {v}_l y_{1i} \hbox {mod}( {\varphi ( N )})}(\hbox {mod} \, N)\\= & {} \alpha ^{s_1 }( {\hbox {mod}\,N} ). \end{aligned}$$
 3.
Compute \(Y_2 =\alpha ^{\varphi ( N )s_1 }( {\hbox {mod}\,N} )=\alpha ^{s_1 }( {\hbox {mod}\,N})\).
 4.
Compute the ciphertext \(C=( {M\alpha ^{s_1 }}. )^{e}( {\hbox {mod}\,N} )\)
Decryption
 1.
Use his private key \(s_1 \) to recover M as \(M=( {Y_2^e *C})^{d}({\hbox {mod}\,N} ).\)
Due to \(Y_2^e =(\alpha ^{s_1 })^{e}( {\hbox {mod}\,N} )\)
We have \(( {Y_2^e *C} )^{d}( {\hbox {mod}\,N} )\equiv (\alpha ^{s_1 e}M^{e}\alpha ^{s_1 e})^{d}( {\hbox {mod}\,N} )\equiv M^{ed}( {\hbox {mod}\,N} )\equiv M( {\hbox {mod}\,N} ).\)
Security analysis and discussions
The security of identitybased QER cryptographic scheme is based on the index problems, such as IFP and DLP, which define over multiplicative cyclic group \({Z}_{N}^{*}\). Applying Meshram and Meshram attacking method [14] to the proposed system, it may be noted that center’s secret information may be disclosed.
Theorem 1
[14] The \(( {n+1} )\) entities’ \(i, ( {1\le i\le n+1} )\) can derive an ndimensional vector \(v_i^{\prime } \) over \(Z_{\varphi ( N )}^*\) which is equivalent (not necessarily identical) to the original PKG ’s secret information.
Proof
Furthermore, Meshram developed a more general attacking method [2] for the modified system, such that \(( {n+2} )\) entities conspiracy can derive the PKG ’s secret information with high probability.
Theorem 2
[2] The \(( {n+2} )\) entities’ \(i,( {1\le i\le n+2} )\) can derive the PKG ’s secret information v with high probability.
Proof
If the matrix \({B}^{\prime }\) is nonsingular over \(Z_{\varphi ( N )}^*\), then \(v_i^{\prime } =0( {\hbox {mod}\,\varphi ( N )} )\), and this contradicts the above results. Thus, the matrix \({D}'\) is singular over\(Z_{\varphi ( N )}^*\), and we have det \(( {{B}^{\prime }})=0(\hbox {mod} \,\varphi (N))\) with high probability. It shows that det \(( {{B}^{\prime }} ))\) is divisible by \(\varphi ( N )\) with high probability. Furthermore, consider the case where the other \(( {n+1} )\) entities among \(( {n+2} )\) conspire, and define the matrix \({D}^{{\prime }{\prime }}\) in a way similar to the above. Then, det \((B^{{\prime }{\prime }})\) is divisible by \(\varphi ( N )\) with high probability. Hence, gcd (det\((B^{{\prime }})\), det \(( {B}^{{\prime }{\prime }} )\)) gives \(d\varphi ( N )\), where d is a small positive integer. By the above procedure, we can evaluate \(\varphi ( N )\) efficiently. An additional procedure to find the center’s secret information is completely the same as attack (Theorem 2).
Performance comparison of identitybased cryptographic schemes
In this section, we have discussed six most widely used identitybased cryptographic schemes and compared their performance. These eight identitybased cryptographic schemes are: cocks identitybased cryptographic scheme [5], authenticated identitybased cryptographic scheme [3], selectiveidentity secure identitybased cryptographic scheme without random oracles [15], hierarchical identitybased cryptographic scheme [6], water’s identitybased cryptographic scheme [4], Meshram and Obaidat’s identitybased QER cryptographic scheme [13], and our proposed efficient Identitybased QER cryptographic scheme. These schemes have different performances on server for evaluating Encryption algorithm performance, Decryption algorithm performance, and computational cost.
 \(T_{\hbox {P}} =\)

The time of executing a paring operation.
 \(T_{\hbox {M}} =\)

The time of executing a modular multiplication.
 \(T_{\hbox {e}} =\)

The time of executing a modular exponentiation in group.
 \(T_{\hbox {m }}=\)

The time of executing a scalar or point multiplication in group.
 \(T_{\hbox {x }}=\)

The time of executing an XOR operation.
 \(T_{\hbox {H}} =\)

The time of executing a map to point hash function.
 \(T_{\hbox {h }}=\)

The time of executing a oneway hash function.
 \(T_{\hbox {a }}=\)

The time of executing a modular addition operation.
 \(T_{\hbox {i}}=\)

The time of executing a modular inverses operation.
 \(T_{\hbox {j}}=\)

The time of executing a Jacobi symbol operation.
Comparisons among our proposed identitybased cryptographic scheme and previously proposed identitybased cryptographic schemes
Identitybased cryptographic schemes  \(F_1 \)  \(F_2 \)  \(F_3 \) 

Scheme [3]  \(T_P +T_H +3T_h +T_x \)  \(T_P +T_H +3T_h +T_x \)  \(2T_P +2T_H +6T_h +2T_x \) 
Scheme [4]  \(2T_P +3T_m \)  \(2T_P +T_m +T_i \)  \(4T_P +4T_m +T_i \) 
Scheme [5]  \(T_J +2T_a +2T_M +2T_i \)  \(T_J +T_a \)  \(2T_j +3T_a +2T_M +2T_i \) 
Scheme [6]  \(T_P +T_H +T_h +T_e +T_m +T_x \)  \(T_P +T_h +T_x \)  \(2T_P +T_H +2T_h +T_e +T_m +2T_x \) 
Scheme[13]  \(4T_e +T_m \)  \(2T_e +T_m +T_i \)  \(6T_e +2T_m +T_i \) 
Scheme [15]  \(T_P +4T_e +2T_M \)  \(T_P +T_e +T_M +T_i \)  \(2T_P +5T_e +3T_M +T_i \) 
Proposed scheme  \(2T_e +T_m +T_i \)  \(2T_e +T_m +T_i \)  \(4T_e +2T_m +2T_i \) 
As we all know, the time of executing a paring operation \(T_{\hbox {P}} \) is more timeconsuming than other operations. Some performance simulation results [17] demonstrate that \(T_{\hbox {a}} \) and \(T_{\hbox {h}} \) are trivial in comparison with \(T_{\hbox {e}} ,T_{\hbox {M}} ,T_{\hbox {x}} , T_{\hbox {H }},T_{\hbox {i}} \), and \(T_{\hbox {j}} \).
It is to be noted that encryption algorithmic phase and decryption algorithmic phase are the dominating process in terms of computation cost than setup and extract phases as they are executed only once. Thus, we consider only the encryption and decryption phase and accordingly compare the proposed identitybased cryptographic scheme with [3, 4, 5, 6, 13, 15]. We demonstrate the comparative result in Table 1 in terms of computational cost and security properties.
It is quite clear from the above table that the proposed efficient identitybased QER cryptographic scheme bears lower computational cost than [3, 4, 5, 6, 13, 15].
Enhancement of security and processing cost
Example of h( i; jk ) for \(i=1,2,3,4\) and \(jk\in \{ {0,1} \}\)
h(1: 11) = 9  h(2: 11) = 11  h(3: 11) = 18  h(4: 11) = 22 
h(1: 00) = 5  h(2: 00) = 21  h(3: 00) = 4  h(4: 00) = 16 
h(1: 01) = 13  h(2: 01) = 17  h(3: 01) = 23  h(4: 01) = 2 
h(1: 10) = 12  h(2: 10) = 7  h(3: 10) = 15  h(4: 10) = 8 
It is quite clear from the above table that the partitioning strategy enhances the security of proposed scheme using the pairing of two difference bit segments as compare the previous scheme [13].
Encryption
Decryption
It is exactly the same as in the original system in Sect. 3.
In the original system in Sect. 3, the PKG’s secret information is derived by 512 entities conspiracy, while in the above system, it is derived by 1024 (=4 \(\times \) 256) entities conspiracy. Furthermore, the running cost for encryptionkey generation in the above system is about half of the original system. However, the KAC’s public information in the above system is about twice than the original system. Further generalizations, e.g., each \({Y}_{{i}} \) is partitioned into 128 segments every four bits, etc., are possible and such schemes are regarded as the hybrid system of the identitybased cryptosystem and the conventional public key cryptosystem.
Conclusion
In this study, the proposed efficient identitybased QER cryptographic scheme must satisfy Shamir’s original concepts in a strict sense, i.e., it does not need any interactive earliest communications in, respectively, data transmission. It provides longer and higher levels of security than the schemes using IFP and the general formulation of DLP. The presented scheme needs nominal operations in encryption and decryption proses, thus makes it is very efficient. The offered out comes provides the special result from the security point of view, because we face the problem of solving IFP and DLP simultaneously in the multiplicative group define over finite fields as compared with the other identitybased cryptographic scheme. Using our propose scheme, we can develop an identitybased encryption model based on lightweight public key management techniques. It has small sizes key pair’s private and public keys as compared with other Identitybased cryptographic schemes available in literature. It is more benefited in grid security architecture. The grid environment may have a large number of members that join and leave over time and that certificates are used extensively for every job submission. This would inevitably complicate key management and increase the bandwidth requirement of a grid system. It was also noted that these problems could be simplified using certificatefree identitybased cryptographic scheme. Moreover, in the identitybased cryptographic setting, a user’s public key can be created and used immediately without the need for a public key certificate to be forwarded to the intended recipient [normally via a Transport Layer Security (TLS) handshake]. However, the supposedly dynamic use of identitybased keys was hindered by some traditional limitations of identitybased cryptographic scheme, such as key escrow, and the need to distribute private keys through secure channels. More importantly, some of the essential security requirements desired in the Globus Toolkit (GT) require using proxy credentials for single signon and delegation, but our developed efficient identitybased QER cryptographic scheme is free from certificate and key escrow problems.
Notes
Acknowledgements
This work was supported by Dr. D.S. Kothari fellowship awarded by University Grants Commission, New Delhi, India, to the first author and second author under DSAI grant of UGC New Delhi, India.
References
 1.Shamir A (1985) Identitybased cryptosystem and signature scheme, advances in cryptology: proceedings of crypto’ (lecture notes in computer science 196), vol 84. Springer, Berlin, pp 47–53Google Scholar
 2.Meshram C (2015) Factoring and discrete logarithm using IBC. Int J Hybrid Inf Technol 8(3):121–132Google Scholar
 3.Lynn B (2002) Authenticated IDbased encryption. Cryptology ePrint Archive, Report 2002/072. http://eprint.iacr.org/2002/072
 4.Waters B (2005) Efficient identitybased encryption without random oracles, advances in cryptologyCRYPTO 2005, lecture notes in computer science, vol 3494. Springer, Berlin, pp 114–127Google Scholar
 5.Cocks C (2001) An identity based encryption scheme based on quadratic residues, international conference on cryptography and coding (proceedings of IMA), lecture notes in computer science, vol 2260. Springer, Berlin, pp 360–363Google Scholar
 6.Gentry C, Silverberg A (2002) Hierarchical IDbased cryptography, in advances in cryptologyAsiacrypt’02, lecture notes in computer science, vol 2501. Springer, Berlin, pp 548–566MATHGoogle Scholar
 7.Meshram C, Meshram S (2013) An identity based cryptographic model for discrete logarithm and integer factoring based cryptosystem. Inf Process Lett 113(10):375–380MathSciNetCrossRefMATHGoogle Scholar
 8.Meshram C (2015) An efficient IDbased cryptographic encryption based on discrete logarithm problem and integer factorization problem. Inf Process Lett 115(2):351–358MathSciNetCrossRefMATHGoogle Scholar
 9.Meshram C, Meshram S, Zhang M (2012) An IDbased cryptographic mechanisms based on GDLP and IFP. Inf Process Lett 112(19):753–758MathSciNetCrossRefMATHGoogle Scholar
 10.Meshram C, Meshram S (2015) Constructing new an IDbased cryptosystem for IFP and GDLP based cryptosystem. J Discret Math Sci Cryptogr. doi: 10.1080/09720529.2015.1032621
 11.Meshram C (2015) An efficient IDbased beta cryptosystem. Int J Secur Appl 9(2):189–202MathSciNetGoogle Scholar
 12.Meshram C, Meshram S (2011) An identity based beta cryptosystem, IEEE proceedings of 7th international conference on information assurance and security (IAS 2011) Dec. 5–8, pp 298–303Google Scholar
 13.Meshram C, Obaidat M (2015) An IDbased quadraticexponentiation randomized cryptographic scheme. IEEE proceedings of international conference on computer, information, and telecommunication systems (CITS 2015), July 15–17 (Accepted)Google Scholar
 14.Meshram C, Meshram SA (2011) Some modification in IDbased cryptosystem using IFP & DDLP. Int J Adv Comput Sci Appl 2(8):25–29Google Scholar
 15.Boneh D, Boyen X (2004) Efficient selectiveID secure identity based encryption without random oracles, advances in cryptologyEUROCRYPT 2004, lecture notes in computer science, vol 3027. Springer, Berlin, pp 223–238MATHGoogle Scholar
 16.Boneh D, Canetti R, Halevi S, Katz J (2007) Chosenciphertext security from identitybased encryption. SIAM J Comput 36(5):1301–1328MathSciNetCrossRefMATHGoogle Scholar
 17.Boneh D, Franklin MK (2003) Identity based encryption from the Weil pairing. SIAM J Comput 32(3):586–615MathSciNetCrossRefMATHGoogle Scholar
 18.Okarnoto E, Tanaka K (1989) Key distribution system based on identification information. IEEE J Sel Areas Commun 7:481–485CrossRefGoogle Scholar
 19.Coron J (2003) On the exact security of full domain hash. Advances in cryptologyCRYPTO’ 2000, lecture notes in computer science, vol 1880. Springer, BerlinGoogle Scholar
 20.Pang L, Li H, Wang Y (2013) nMIBAS: a novel multireceiver IDbased anonymous signcryption with decryption fairness. Comput Inform 32(3):441–460MathSciNetGoogle Scholar
 21.Tsujii S, Itoh T (1989) An IDbased cryptosystem based on the discrete logarithm problem. IEEE J Sel Areas Commun 7:467–473CrossRefGoogle Scholar
 22.ElGmal T (1995) A public key cryptosystem and a signature scheme based on discrete logarithms. IEEE Trans Inf Theory 31:469–472MathSciNetCrossRefGoogle Scholar
Copyright information
Open AccessThis article is distributed under the terms of the Creative Commons Attribution 4.0 International License (http://creativecommons.org/licenses/by/4.0/), which permits unrestricted use, distribution, and reproduction in any medium, provided you give appropriate credit to the original author(s) and the source, provide a link to the Creative Commons license, and indicate if changes were made.